From eb7adaec46eceaa4b247dc664dcce2d65a5edead Mon Sep 17 00:00:00 2001 From: Martin Fleisz Date: Fri, 18 Nov 2022 11:38:55 +0100 Subject: [PATCH] core: Preserve user provided credentials when being redirected This PR fixes an issue where user credentials were lost when connecting to a farm that redirects the client. During a redirect the connection settings were overriden by the settings stored in `rdp->originalSettings`. However these settings miss any credentials the user provides during the connection phase, thus causing another authentication prompt to appear. --- libfreerdp/core/utils.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/libfreerdp/core/utils.c b/libfreerdp/core/utils.c index 5c7eadb4b..bb182f753 100644 --- a/libfreerdp/core/utils.c +++ b/libfreerdp/core/utils.c @@ -47,14 +47,18 @@ BOOL utils_str_copy(const char* value, char** dst) auth_status utils_authenticate_gateway(freerdp* instance, rdp_auth_reason reason) { rdpSettings* settings; + rdpSettings* origSettings; BOOL prompt = FALSE; BOOL proceed; WINPR_ASSERT(instance); WINPR_ASSERT(instance->context); WINPR_ASSERT(instance->context->settings); + WINPR_ASSERT(instance->context->rdp); + WINPR_ASSERT(instance->context->rdp->originalSettings); settings = instance->context->settings; + origSettings = instance->context->rdp->originalSettings; if (freerdp_shall_disconnect_context(instance->context)) return AUTH_FAILED; @@ -84,20 +88,35 @@ auth_status utils_authenticate_gateway(freerdp* instance, rdp_auth_reason reason if (!utils_sync_credentials(settings, FALSE)) return AUTH_FAILED; + + /* update original settings with provided user credentials */ + if (!utils_str_copy(settings->GatewayUsername, &origSettings->GatewayUsername)) + return AUTH_FAILED; + if (!utils_str_copy(settings->GatewayDomain, &origSettings->GatewayDomain)) + return AUTH_FAILED; + if (!utils_str_copy(settings->GatewayPassword, &origSettings->GatewayPassword)) + return AUTH_FAILED; + if (!utils_sync_credentials(origSettings, FALSE)) + return AUTH_FAILED; + return AUTH_SUCCESS; } auth_status utils_authenticate(freerdp* instance, rdp_auth_reason reason, BOOL override) { rdpSettings* settings; + rdpSettings* origSettings; BOOL prompt = !override; BOOL proceed; WINPR_ASSERT(instance); WINPR_ASSERT(instance->context); WINPR_ASSERT(instance->context->settings); + WINPR_ASSERT(instance->context->rdp); + WINPR_ASSERT(instance->context->rdp->originalSettings); settings = instance->context->settings; + origSettings = instance->context->rdp->originalSettings; if (freerdp_shall_disconnect_context(instance->context)) return AUTH_FAILED; @@ -148,6 +167,17 @@ auth_status utils_authenticate(freerdp* instance, rdp_auth_reason reason, BOOL o if (!utils_sync_credentials(settings, TRUE)) return AUTH_FAILED; + + /* update original settings with provided user credentials */ + if (!utils_str_copy(settings->Username, &origSettings->Username)) + return AUTH_FAILED; + if (!utils_str_copy(settings->Domain, &origSettings->Domain)) + return AUTH_FAILED; + if (!utils_str_copy(settings->Password, &origSettings->Password)) + return AUTH_FAILED; + if (!utils_sync_credentials(origSettings, TRUE)) + return AUTH_FAILED; + return AUTH_SUCCESS; }